Software-defined WAN (SD-WAN) is an exciting new technology that allows organizations to reduce network complexity and cost, while increasing flexibility, availability, security, and visibility.

Citrix SD-WAN creates a reliable WAN from diverse network links (MPLS, broadband, 4G LTE, satellite, etc.). Using its unique per-packet selection algorithm, which constantly monitors the conditions of every link, it makes instant path selection decisions as each packet comes into SD-WAN for transmission. This results in the best path being selected at each given moment (microseconds, actually). As applications and users demand more bandwidth, it can distribute the traffic across all available links, thus creating a secure Virtual Path, which is the aggregation of all individual links (no more stand-by links that you pay for and hope to never use).

If your network is struggling with bandwidth usage, users will notice the performance improvement, which comes not only from the additional bandwidth but also from QoS control over link types that don’t provide QoS natively (i.e., Internet).

By being agnostic of the underlying network technology, Citrix SD-WAN gives you independence from link types and providers, increasing your overall WAN availability.

In addition, since it usually leverages Internet links at branches to create the Virtual Paths, it can provide direct Internet breakout to users accessing cloud-based applications. This also improves the user experience, all while maintaining the security and control of Internet traffic, with its encrypted Virtual Paths, integrated Firewall, and ability to send external traffic through cloud-based Secure Web Gateways.

Simplification comes from many of the features, like:

  • Centralized management and configuration of all devices, leveraging the use of templates for WAN, QoS and Firewall configurations. No more logging into each branch router to add a QoS rule or access-list for a new application – you just add to a global template and it’s automatically updated on all branches.
  • It can replace your edge router, reducing the number of devices you have to manage.
  • Zero Touch Deployment (ZTD). It makes a huge difference in large-scale deployments. The branch appliances can automatically connect to the Citrix ZTD service in the cloud and download the required configuration, licenses, and software updates. No need to log in to the appliance, just plug in the cables. Everything is controlled from the central management and secured by built-in authentication.

And don’t forget the improved visibility. Since all traffic passes through SD-WAN, it can give you a much deeper understanding of what is going on in the network, up to the application level, with its built-in DPI (Deep Packet Inspection) capabilities. Not only will you get visibility into the most used applications, it can also provide application-level QoE (Quality of Experience) measurements.

But as with all new technologies, it requires some learning, and it goes beyond just knowing how to configure it. Among other things, it’s important to understand:

  • What are the deployment topologies available and when to use them?
  • What are key requirements to successfully integrate Citrix SD-WAN with the existing network? Does it involve changes to my existing routers, switches, links, QoS, etc.?
  • How should I plan the transformation to an SD-WAN network?
  • What are the challenges involved in the rollout? What can I do to facilitate it?
  • Will my team be able to maintain the new network? Do I have the right tools? Can SD-WAN be integrated into existing tools?

By participating in many SD-WAN deployments (including some of the largest ones), we’ve been through all this and can give you some tips.

Marcelo Oguma
Senior Architect, Citrix Consulting Services